Etani Security Infrastructure

  1. Hosted on Microsoft Azure

    Etani operates on the robust foundation of Microsoft Azure, incorporating:

    • Azure Data Factory
    • Azure Servers
    • Azure SQL Databases
    • Azure Data Warehousing
    • Azure Active Directory
    • Azure Power BI Embedded

    We're committed to maintaining the highest commercial standards of technological and operational security to shield personal information from misuse, interference, loss, unauthorized access, and alteration.

    Microsoft Azure Servers

    Data Residency: Servers operate regionally. For Australian businesses, data is hosted in Melbourne; for New Zealand, in Auckland; and for the USA, in the US East Azure Server.

    Microsoft Azure SQL Database & Data Warehousing

    • Dedicated Databases: Each Etani subscription boasts a separate Azure SQL Database, ensuring there's no data overlap between businesses.
    • Encryption: By default, Transparent Data Encryption (TDE) is active, with the DEK protected by a unique server certificate. Microsoft manages certificate rotation and key safeguarding, aligning with rigorous security policies.
      Learn more about Azure SQL Encryption

  2. User Authentication & Security

    • Multi-Factor Authentication (MFA): Etani employs MFA in Microsoft Power BI and within the Etani platform itself, supporting App Verify, Google Authenticator, and Security Questions.
    • JWT Tokens: Essential for mobile auto-login, password resets, and third-party Azure Data Factory connections.
    • Session Management: Every login requires session validation.
    • Password Safeguarding: All user passwords are hashed.

  3. Mobile Application Security

    Regional Access: Our mobile apps, available on Google Play and the Apple App Store, are restricted to their country of origin.


  4. Server-Side Protections

    • Firewall: Powered by Azure Network Security Groups.
    • Data Transmission: Guaranteed security with SSL.
    • Additional Protocols: Incorporating IP restrictions, 2FA on admin Azure access, session privacy, and disaster recovery plans.

  5. 3rd Party Accreditations

    Xero Partnership: As a trusted partner, Etani aligns with Xero's stringent security standards, undergoing annual assessments. Xero Security Standards


  6. Etani Risk Management

    • Regular Risk Assessment: Comprehensive evaluations conducted annually to identify threats and devise a security enhancement roadmap.
    • Physical Defense: All our devices are equipped with continuously updated antivirus software.
    • Team Preparedness: Meticulous background checks, foundational training, and periodic refresher sessions ensure our team remains vigilant and informed.

  7. Operations Management

    • Defensive Configuration: A holistic, multi-layered setup has been deployed to tackle cyber-related threats.
    • User Oversight: Established procedures for user account management.
    • Access Governance: System access is provisioned based on job roles, with approvals from the pertinent stakeholders.